in DC1 Server is connected to Core switch. so any source will try to access 172.16.11.10 in DC1, if DC1 is offline, then source will still try to access 172.16.11.10 but since Server in DC1 is down, and it has transferred its Role and IP to server in DC2 ( just like Cisco Firewall Failover occurs ) so now when any source try to access 172.16.11.10 again , it receives MAC address of server of DC2 and traffic switch to DC2. does that make sense?

I understand the information you have given. My question is how will users route to the machine? Where is your L3 gateway?

I concur with Michael's line of questioning...With the information you just gave, my thinking is that for this to work you might need a load-balancer of some sort that will keep track of the availability of the servers.

Hi, actually i had some complex stuff going on, so to simplify i made minimum diagram :) here is actual scenario. Previously both primary and backup Server were connected in DMZ behind Cisco ASA, now we want to move one of the server to other Data center. so see attached updated diagram, i am planning to extend Vlan of DMZ to my Core switch in DC1 and then use fiber to reach DC2 for failover server.

does that make sense now ? :-s please suggest if it will work? specially STP concern, else any good alternate suggestions?

Yes both servers will send keep alive to each other over vlan 99 as well , Same as data.

When primary server will be down, primary server IP will be assigned to secondary server itself ( due to their internal mechanism of servers to Swap IP once heart beat is lost ) so when user PC send request to .10 , DC01 server will not reply since its down, and DC02 server will send response (its MAC address) so that traffic for .10 is directed towards it.  ( i guess so it will work this way , doing it first time : ) )

Looking at the updated drawing I agree with NkiwaneMG

Should be good to go.

Please also note both switches are in different VTP domain ( Because in different DC ) will i get any vtp mistmatch error?

OR any VTP exchange possibility? if so how to tackle it,

Thank you both for your time and input, when i implement it, i will let you know the results. hopefully all good :)

1- To form trunk link between different vtp domains you have to use "switchport nonegotiate" to avoid vtp domain mismatch problem. It forms unconditional trunk link without exchanging DTP packets. In this mode there is no concern for domains mismatch problem.

2- As you are using fiber connectivity don't forget to enable "UDLD" in "aggressive" or "normal" mode (global config)  which is recommended STP fail over feature on fiber optic links.

Hi MG, thank you for your feedback, actually once in our another location. we had a fiber, and infrastructure guy connected it on both offices core switches without telling us, and that caused spanning-tree loop and our complete network went down.

i am afraid of same situation, so that's why looking for any precautions measures that need to be taken, before i create dot1q trunking between both core switches, because if we read Cisco recommend DCI standards then dot1q trunking doesnt seem  to be recommended.

For a better understanding of the topology and for everyone to be able to help, you will need to give more information on how the current connectivity is, between the two DCs.

If this is the only connection available between the two DCs, and if trunking is configured only to transport the fail-over vlan, I do not see any reason why you would have a STP loop.

Thanks, HTH,

Manny